How to run apache httpd 2.4.6 with a self-signed certificate signed with an elliptic curve key...











up vote
0
down vote

favorite
1












I'm trying to run apache httpd 2.4.6 on CentOS 7.6 with a self-signed certificate signed with an elliptic curve key brainpoolP384t1, but apache is not accepting this as a valid key. I ensured all directives are poiting to the right place. The only problem is with apache not recognizing the key as valid. The key is not encrypted.



When I get to the ssl_error_log file, I get this (using pkcs8):




[Sun Dec 16 15:15:36.020090 2018] [ssl:error] [pid 8379:tid 140184667797632] AH02203: Init: Private key not found
[Sun Dec 16 15:15:36.020246 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020297 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Sun Dec 16 15:15:36.020327 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020356 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Sun Dec 16 15:15:36.020386 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Sun Dec 16 15:15:36.020415 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020444 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)




without pkcs8




[Mon Dec 17 01:24:47.455770 2018] [ssl:error] [pid 18124:tid 139679037429888] AH02203: Init: Private key not found
[Mon Dec 17 01:24:47.455902 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456051 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Mon Dec 17 01:24:47.456090 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456121 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Mon Dec 17 01:24:47.456152 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Mon Dec 17 01:24:47.456180 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456210 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)




NOTE: I've ran it with rsa key encrypted with aes-256-cbc, but now I want it with an ec key.










share|improve this question
























  • Do you have private key and certificate in PEM format?
    – Romeo Ninov
    yesterday










  • Yes, I do. I've implemented it with a non - ec curve key, but now I want it with an ec curve key.
    – El_Dorado
    yesterday












  • Usually the errors you reported occur when attempting to use a non-x509 key. You should make sure that you keys and cert are in x509 and not pkcs8... as appears to be the case listed in the errors ... if the key and cert are in x509, this should not give any errors openssl x509 -in mykey.pem -text
    – RubberStamp
    yesterday












  • Well, actually it was in x509, but i was also getting errors. Later, i changed to pkcs8 to see if it would vanish but it still happen.
    – El_Dorado
    yesterday










  • Please update your question with the errors that occurred with the key and cert in x509.
    – RubberStamp
    yesterday















up vote
0
down vote

favorite
1












I'm trying to run apache httpd 2.4.6 on CentOS 7.6 with a self-signed certificate signed with an elliptic curve key brainpoolP384t1, but apache is not accepting this as a valid key. I ensured all directives are poiting to the right place. The only problem is with apache not recognizing the key as valid. The key is not encrypted.



When I get to the ssl_error_log file, I get this (using pkcs8):




[Sun Dec 16 15:15:36.020090 2018] [ssl:error] [pid 8379:tid 140184667797632] AH02203: Init: Private key not found
[Sun Dec 16 15:15:36.020246 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020297 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Sun Dec 16 15:15:36.020327 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020356 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Sun Dec 16 15:15:36.020386 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Sun Dec 16 15:15:36.020415 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020444 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)




without pkcs8




[Mon Dec 17 01:24:47.455770 2018] [ssl:error] [pid 18124:tid 139679037429888] AH02203: Init: Private key not found
[Mon Dec 17 01:24:47.455902 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456051 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Mon Dec 17 01:24:47.456090 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456121 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Mon Dec 17 01:24:47.456152 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Mon Dec 17 01:24:47.456180 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456210 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)




NOTE: I've ran it with rsa key encrypted with aes-256-cbc, but now I want it with an ec key.










share|improve this question
























  • Do you have private key and certificate in PEM format?
    – Romeo Ninov
    yesterday










  • Yes, I do. I've implemented it with a non - ec curve key, but now I want it with an ec curve key.
    – El_Dorado
    yesterday












  • Usually the errors you reported occur when attempting to use a non-x509 key. You should make sure that you keys and cert are in x509 and not pkcs8... as appears to be the case listed in the errors ... if the key and cert are in x509, this should not give any errors openssl x509 -in mykey.pem -text
    – RubberStamp
    yesterday












  • Well, actually it was in x509, but i was also getting errors. Later, i changed to pkcs8 to see if it would vanish but it still happen.
    – El_Dorado
    yesterday










  • Please update your question with the errors that occurred with the key and cert in x509.
    – RubberStamp
    yesterday













up vote
0
down vote

favorite
1









up vote
0
down vote

favorite
1






1





I'm trying to run apache httpd 2.4.6 on CentOS 7.6 with a self-signed certificate signed with an elliptic curve key brainpoolP384t1, but apache is not accepting this as a valid key. I ensured all directives are poiting to the right place. The only problem is with apache not recognizing the key as valid. The key is not encrypted.



When I get to the ssl_error_log file, I get this (using pkcs8):




[Sun Dec 16 15:15:36.020090 2018] [ssl:error] [pid 8379:tid 140184667797632] AH02203: Init: Private key not found
[Sun Dec 16 15:15:36.020246 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020297 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Sun Dec 16 15:15:36.020327 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020356 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Sun Dec 16 15:15:36.020386 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Sun Dec 16 15:15:36.020415 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020444 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)




without pkcs8




[Mon Dec 17 01:24:47.455770 2018] [ssl:error] [pid 18124:tid 139679037429888] AH02203: Init: Private key not found
[Mon Dec 17 01:24:47.455902 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456051 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Mon Dec 17 01:24:47.456090 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456121 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Mon Dec 17 01:24:47.456152 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Mon Dec 17 01:24:47.456180 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456210 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)




NOTE: I've ran it with rsa key encrypted with aes-256-cbc, but now I want it with an ec key.










share|improve this question















I'm trying to run apache httpd 2.4.6 on CentOS 7.6 with a self-signed certificate signed with an elliptic curve key brainpoolP384t1, but apache is not accepting this as a valid key. I ensured all directives are poiting to the right place. The only problem is with apache not recognizing the key as valid. The key is not encrypted.



When I get to the ssl_error_log file, I get this (using pkcs8):




[Sun Dec 16 15:15:36.020090 2018] [ssl:error] [pid 8379:tid 140184667797632] AH02203: Init: Private key not found
[Sun Dec 16 15:15:36.020246 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020297 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Sun Dec 16 15:15:36.020327 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020356 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Sun Dec 16 15:15:36.020386 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Sun Dec 16 15:15:36.020415 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 16 15:15:36.020444 2018] [ssl:error] [pid 8379:tid 140184667797632] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)




without pkcs8




[Mon Dec 17 01:24:47.455770 2018] [ssl:error] [pid 18124:tid 139679037429888] AH02203: Init: Private key not found
[Mon Dec 17 01:24:47.455902 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456051 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
[Mon Dec 17 01:24:47.456090 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456121 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
[Mon Dec 17 01:24:47.456152 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
[Mon Dec 17 01:24:47.456180 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 17 01:24:47.456210 2018] [ssl:error] [pid 18124:tid 139679037429888] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)




NOTE: I've ran it with rsa key encrypted with aes-256-cbc, but now I want it with an ec key.







centos apache-httpd openssl certificates






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 17 hours ago

























asked yesterday









El_Dorado

357




357












  • Do you have private key and certificate in PEM format?
    – Romeo Ninov
    yesterday










  • Yes, I do. I've implemented it with a non - ec curve key, but now I want it with an ec curve key.
    – El_Dorado
    yesterday












  • Usually the errors you reported occur when attempting to use a non-x509 key. You should make sure that you keys and cert are in x509 and not pkcs8... as appears to be the case listed in the errors ... if the key and cert are in x509, this should not give any errors openssl x509 -in mykey.pem -text
    – RubberStamp
    yesterday












  • Well, actually it was in x509, but i was also getting errors. Later, i changed to pkcs8 to see if it would vanish but it still happen.
    – El_Dorado
    yesterday










  • Please update your question with the errors that occurred with the key and cert in x509.
    – RubberStamp
    yesterday


















  • Do you have private key and certificate in PEM format?
    – Romeo Ninov
    yesterday










  • Yes, I do. I've implemented it with a non - ec curve key, but now I want it with an ec curve key.
    – El_Dorado
    yesterday












  • Usually the errors you reported occur when attempting to use a non-x509 key. You should make sure that you keys and cert are in x509 and not pkcs8... as appears to be the case listed in the errors ... if the key and cert are in x509, this should not give any errors openssl x509 -in mykey.pem -text
    – RubberStamp
    yesterday












  • Well, actually it was in x509, but i was also getting errors. Later, i changed to pkcs8 to see if it would vanish but it still happen.
    – El_Dorado
    yesterday










  • Please update your question with the errors that occurred with the key and cert in x509.
    – RubberStamp
    yesterday
















Do you have private key and certificate in PEM format?
– Romeo Ninov
yesterday




Do you have private key and certificate in PEM format?
– Romeo Ninov
yesterday












Yes, I do. I've implemented it with a non - ec curve key, but now I want it with an ec curve key.
– El_Dorado
yesterday






Yes, I do. I've implemented it with a non - ec curve key, but now I want it with an ec curve key.
– El_Dorado
yesterday














Usually the errors you reported occur when attempting to use a non-x509 key. You should make sure that you keys and cert are in x509 and not pkcs8... as appears to be the case listed in the errors ... if the key and cert are in x509, this should not give any errors openssl x509 -in mykey.pem -text
– RubberStamp
yesterday






Usually the errors you reported occur when attempting to use a non-x509 key. You should make sure that you keys and cert are in x509 and not pkcs8... as appears to be the case listed in the errors ... if the key and cert are in x509, this should not give any errors openssl x509 -in mykey.pem -text
– RubberStamp
yesterday














Well, actually it was in x509, but i was also getting errors. Later, i changed to pkcs8 to see if it would vanish but it still happen.
– El_Dorado
yesterday




Well, actually it was in x509, but i was also getting errors. Later, i changed to pkcs8 to see if it would vanish but it still happen.
– El_Dorado
yesterday












Please update your question with the errors that occurred with the key and cert in x509.
– RubberStamp
yesterday




Please update your question with the errors that occurred with the key and cert in x509.
– RubberStamp
yesterday










1 Answer
1






active

oldest

votes

















up vote
1
down vote













From the error messages it looks like your private key is in a pkcs#8 file. From RFC5958 the private key is likely in DER format:



  Interoperability considerations:

The PKCS #8 object inside this media type MUST be DER-encoded
PrivateKeyInfo.


So, you probably need to convert your private key to PEM format:



openssl pkey -inform DER -in key.p8 -outform PEM -out key.pem





It's unclear from your question how you've created your keys and your certs. Here's a simple example that functions on my Debian Buster system.



Create an Elliptic Curve Private Key



openssl ecparam -out ec_key.pem -name brainpoolP384t1 -genkey



openssl pkey -in ec_key.pem -text



-----BEGIN PRIVATE KEY-----
MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwKTnt9uvr1aJS
tXEsz3MCtPbojeYvDKOXm9eEllpsErzSdeBUs0c7kyJYnY00N9pwoWQDYgAED2+w
xryVMzZh/nW6mUx3WxWTjXf02/17sZPpkKHcqtj3TObcA7yjpwNs+PriRBEkiyuU
jbXdeTjr79xTLcElXIvJkEp5vu4qijBQ8CRdqc5BZgGWw0vV84xNtB5xKOpc
-----END PRIVATE KEY-----
Private-Key: (384 bit)
priv:
29:39:ed:f6:eb:eb:d5:a2:52:b5:71:2c:cf:73:02:
b4:f6:e8:8d:e6:2f:0c:a3:97:9b:d7:84:96:5a:6c:
12:bc:d2:75:e0:54:b3:47:3b:93:22:58:9d:8d:34:
37:da:70
pub:
04:0f:6f:b0:c6:bc:95:33:36:61:fe:75:ba:99:4c:
77:5b:15:93:8d:77:f4:db:fd:7b:b1:93:e9:90:a1:
dc:aa:d8:f7:4c:e6:dc:03:bc:a3:a7:03:6c:f8:fa:
e2:44:11:24:8b:2b:94:8d:b5:dd:79:38:eb:ef:dc:
53:2d:c1:25:5c:8b:c9:90:4a:79:be:ee:2a:8a:30:
50:f0:24:5d:a9:ce:41:66:01:96:c3:4b:d5:f3:8c:
4d:b4:1e:71:28:ea:5c
ASN1 OID: brainpoolP384t1


It's important to note that this particular curve is not compatible with the majority of browsers or commonly used client software.



So, here's an example of generating a NIST curve EC key, which is compatible with most browsers and commonly used client software.



Create NIST EC Key



openssl ecparam -out ec_key_nist.pem -name secp384r1 -genkey



openssl pkey -in ec_key_nist.pem -text



-----BEGIN PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB1sa6wudssPDi6sfEg
V7J4xTkn3WF4veaMbcw4GAcL8PUrciXjt5jg8J3wbyvB9ZGhZANiAARLBE/WuM1e
DjYNETD+2oEoej6ZbhDvIRbxqxBBuvVna1hQQW76h3MsavEtBNbkAQZHQ9KZCScg
td5N/OhqQ+K7qXSr7F0KHTp49D9grufK+R6/uNoXtT8yiHO5yAI4lok=
-----END PRIVATE KEY-----
Private-Key: (384 bit)
priv:
75:b1:ae:b0:b9:db:2c:3c:38:ba:b1:f1:20:57:b2:
78:c5:39:27:dd:61:78:bd:e6:8c:6d:cc:38:18:07:
0b:f0:f5:2b:72:25:e3:b7:98:e0:f0:9d:f0:6f:2b:
c1:f5:91
pub:
04:4b:04:4f:d6:b8:cd:5e:0e:36:0d:11:30:fe:da:
81:28:7a:3e:99:6e:10:ef:21:16:f1:ab:10:41:ba:
f5:67:6b:58:50:41:6e:fa:87:73:2c:6a:f1:2d:04:
d6:e4:01:06:47:43:d2:99:09:27:20:b5:de:4d:fc:
e8:6a:43:e2:bb:a9:74:ab:ec:5d:0a:1d:3a:78:f4:
3f:60:ae:e7:ca:f9:1e:bf:b8:da:17:b5:3f:32:88:
73:b9:c8:02:38:96:89
ASN1 OID: secp384r1
NIST CURVE: P-384


Create the self-signed server certificate



Once you've got a key generated, the self-signed server cert is a one liner:



openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem



After testing with both EC keys, it is confirmed that brainpoolP384t1 is a non-functioning curve for any of my browsers. However, the NIST EC key and cert worked as expected with all my client software.



Tested Software:




  1. Brave Browser (0.25.2)

  2. Firefox (60.3.0)

  3. Sylpheed (3.7.0)

  4. Lynx (2.8.9rel.1)






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f489306%2fhow-to-run-apache-httpd-2-4-6-with-a-self-signed-certificate-signed-with-an-elli%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    1
    down vote













    From the error messages it looks like your private key is in a pkcs#8 file. From RFC5958 the private key is likely in DER format:



      Interoperability considerations:

    The PKCS #8 object inside this media type MUST be DER-encoded
    PrivateKeyInfo.


    So, you probably need to convert your private key to PEM format:



    openssl pkey -inform DER -in key.p8 -outform PEM -out key.pem





    It's unclear from your question how you've created your keys and your certs. Here's a simple example that functions on my Debian Buster system.



    Create an Elliptic Curve Private Key



    openssl ecparam -out ec_key.pem -name brainpoolP384t1 -genkey



    openssl pkey -in ec_key.pem -text



    -----BEGIN PRIVATE KEY-----
    MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwKTnt9uvr1aJS
    tXEsz3MCtPbojeYvDKOXm9eEllpsErzSdeBUs0c7kyJYnY00N9pwoWQDYgAED2+w
    xryVMzZh/nW6mUx3WxWTjXf02/17sZPpkKHcqtj3TObcA7yjpwNs+PriRBEkiyuU
    jbXdeTjr79xTLcElXIvJkEp5vu4qijBQ8CRdqc5BZgGWw0vV84xNtB5xKOpc
    -----END PRIVATE KEY-----
    Private-Key: (384 bit)
    priv:
    29:39:ed:f6:eb:eb:d5:a2:52:b5:71:2c:cf:73:02:
    b4:f6:e8:8d:e6:2f:0c:a3:97:9b:d7:84:96:5a:6c:
    12:bc:d2:75:e0:54:b3:47:3b:93:22:58:9d:8d:34:
    37:da:70
    pub:
    04:0f:6f:b0:c6:bc:95:33:36:61:fe:75:ba:99:4c:
    77:5b:15:93:8d:77:f4:db:fd:7b:b1:93:e9:90:a1:
    dc:aa:d8:f7:4c:e6:dc:03:bc:a3:a7:03:6c:f8:fa:
    e2:44:11:24:8b:2b:94:8d:b5:dd:79:38:eb:ef:dc:
    53:2d:c1:25:5c:8b:c9:90:4a:79:be:ee:2a:8a:30:
    50:f0:24:5d:a9:ce:41:66:01:96:c3:4b:d5:f3:8c:
    4d:b4:1e:71:28:ea:5c
    ASN1 OID: brainpoolP384t1


    It's important to note that this particular curve is not compatible with the majority of browsers or commonly used client software.



    So, here's an example of generating a NIST curve EC key, which is compatible with most browsers and commonly used client software.



    Create NIST EC Key



    openssl ecparam -out ec_key_nist.pem -name secp384r1 -genkey



    openssl pkey -in ec_key_nist.pem -text



    -----BEGIN PRIVATE KEY-----
    MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB1sa6wudssPDi6sfEg
    V7J4xTkn3WF4veaMbcw4GAcL8PUrciXjt5jg8J3wbyvB9ZGhZANiAARLBE/WuM1e
    DjYNETD+2oEoej6ZbhDvIRbxqxBBuvVna1hQQW76h3MsavEtBNbkAQZHQ9KZCScg
    td5N/OhqQ+K7qXSr7F0KHTp49D9grufK+R6/uNoXtT8yiHO5yAI4lok=
    -----END PRIVATE KEY-----
    Private-Key: (384 bit)
    priv:
    75:b1:ae:b0:b9:db:2c:3c:38:ba:b1:f1:20:57:b2:
    78:c5:39:27:dd:61:78:bd:e6:8c:6d:cc:38:18:07:
    0b:f0:f5:2b:72:25:e3:b7:98:e0:f0:9d:f0:6f:2b:
    c1:f5:91
    pub:
    04:4b:04:4f:d6:b8:cd:5e:0e:36:0d:11:30:fe:da:
    81:28:7a:3e:99:6e:10:ef:21:16:f1:ab:10:41:ba:
    f5:67:6b:58:50:41:6e:fa:87:73:2c:6a:f1:2d:04:
    d6:e4:01:06:47:43:d2:99:09:27:20:b5:de:4d:fc:
    e8:6a:43:e2:bb:a9:74:ab:ec:5d:0a:1d:3a:78:f4:
    3f:60:ae:e7:ca:f9:1e:bf:b8:da:17:b5:3f:32:88:
    73:b9:c8:02:38:96:89
    ASN1 OID: secp384r1
    NIST CURVE: P-384


    Create the self-signed server certificate



    Once you've got a key generated, the self-signed server cert is a one liner:



    openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem



    After testing with both EC keys, it is confirmed that brainpoolP384t1 is a non-functioning curve for any of my browsers. However, the NIST EC key and cert worked as expected with all my client software.



    Tested Software:




    1. Brave Browser (0.25.2)

    2. Firefox (60.3.0)

    3. Sylpheed (3.7.0)

    4. Lynx (2.8.9rel.1)






    share|improve this answer



























      up vote
      1
      down vote













      From the error messages it looks like your private key is in a pkcs#8 file. From RFC5958 the private key is likely in DER format:



        Interoperability considerations:

      The PKCS #8 object inside this media type MUST be DER-encoded
      PrivateKeyInfo.


      So, you probably need to convert your private key to PEM format:



      openssl pkey -inform DER -in key.p8 -outform PEM -out key.pem





      It's unclear from your question how you've created your keys and your certs. Here's a simple example that functions on my Debian Buster system.



      Create an Elliptic Curve Private Key



      openssl ecparam -out ec_key.pem -name brainpoolP384t1 -genkey



      openssl pkey -in ec_key.pem -text



      -----BEGIN PRIVATE KEY-----
      MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwKTnt9uvr1aJS
      tXEsz3MCtPbojeYvDKOXm9eEllpsErzSdeBUs0c7kyJYnY00N9pwoWQDYgAED2+w
      xryVMzZh/nW6mUx3WxWTjXf02/17sZPpkKHcqtj3TObcA7yjpwNs+PriRBEkiyuU
      jbXdeTjr79xTLcElXIvJkEp5vu4qijBQ8CRdqc5BZgGWw0vV84xNtB5xKOpc
      -----END PRIVATE KEY-----
      Private-Key: (384 bit)
      priv:
      29:39:ed:f6:eb:eb:d5:a2:52:b5:71:2c:cf:73:02:
      b4:f6:e8:8d:e6:2f:0c:a3:97:9b:d7:84:96:5a:6c:
      12:bc:d2:75:e0:54:b3:47:3b:93:22:58:9d:8d:34:
      37:da:70
      pub:
      04:0f:6f:b0:c6:bc:95:33:36:61:fe:75:ba:99:4c:
      77:5b:15:93:8d:77:f4:db:fd:7b:b1:93:e9:90:a1:
      dc:aa:d8:f7:4c:e6:dc:03:bc:a3:a7:03:6c:f8:fa:
      e2:44:11:24:8b:2b:94:8d:b5:dd:79:38:eb:ef:dc:
      53:2d:c1:25:5c:8b:c9:90:4a:79:be:ee:2a:8a:30:
      50:f0:24:5d:a9:ce:41:66:01:96:c3:4b:d5:f3:8c:
      4d:b4:1e:71:28:ea:5c
      ASN1 OID: brainpoolP384t1


      It's important to note that this particular curve is not compatible with the majority of browsers or commonly used client software.



      So, here's an example of generating a NIST curve EC key, which is compatible with most browsers and commonly used client software.



      Create NIST EC Key



      openssl ecparam -out ec_key_nist.pem -name secp384r1 -genkey



      openssl pkey -in ec_key_nist.pem -text



      -----BEGIN PRIVATE KEY-----
      MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB1sa6wudssPDi6sfEg
      V7J4xTkn3WF4veaMbcw4GAcL8PUrciXjt5jg8J3wbyvB9ZGhZANiAARLBE/WuM1e
      DjYNETD+2oEoej6ZbhDvIRbxqxBBuvVna1hQQW76h3MsavEtBNbkAQZHQ9KZCScg
      td5N/OhqQ+K7qXSr7F0KHTp49D9grufK+R6/uNoXtT8yiHO5yAI4lok=
      -----END PRIVATE KEY-----
      Private-Key: (384 bit)
      priv:
      75:b1:ae:b0:b9:db:2c:3c:38:ba:b1:f1:20:57:b2:
      78:c5:39:27:dd:61:78:bd:e6:8c:6d:cc:38:18:07:
      0b:f0:f5:2b:72:25:e3:b7:98:e0:f0:9d:f0:6f:2b:
      c1:f5:91
      pub:
      04:4b:04:4f:d6:b8:cd:5e:0e:36:0d:11:30:fe:da:
      81:28:7a:3e:99:6e:10:ef:21:16:f1:ab:10:41:ba:
      f5:67:6b:58:50:41:6e:fa:87:73:2c:6a:f1:2d:04:
      d6:e4:01:06:47:43:d2:99:09:27:20:b5:de:4d:fc:
      e8:6a:43:e2:bb:a9:74:ab:ec:5d:0a:1d:3a:78:f4:
      3f:60:ae:e7:ca:f9:1e:bf:b8:da:17:b5:3f:32:88:
      73:b9:c8:02:38:96:89
      ASN1 OID: secp384r1
      NIST CURVE: P-384


      Create the self-signed server certificate



      Once you've got a key generated, the self-signed server cert is a one liner:



      openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem



      After testing with both EC keys, it is confirmed that brainpoolP384t1 is a non-functioning curve for any of my browsers. However, the NIST EC key and cert worked as expected with all my client software.



      Tested Software:




      1. Brave Browser (0.25.2)

      2. Firefox (60.3.0)

      3. Sylpheed (3.7.0)

      4. Lynx (2.8.9rel.1)






      share|improve this answer

























        up vote
        1
        down vote










        up vote
        1
        down vote









        From the error messages it looks like your private key is in a pkcs#8 file. From RFC5958 the private key is likely in DER format:



          Interoperability considerations:

        The PKCS #8 object inside this media type MUST be DER-encoded
        PrivateKeyInfo.


        So, you probably need to convert your private key to PEM format:



        openssl pkey -inform DER -in key.p8 -outform PEM -out key.pem





        It's unclear from your question how you've created your keys and your certs. Here's a simple example that functions on my Debian Buster system.



        Create an Elliptic Curve Private Key



        openssl ecparam -out ec_key.pem -name brainpoolP384t1 -genkey



        openssl pkey -in ec_key.pem -text



        -----BEGIN PRIVATE KEY-----
        MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwKTnt9uvr1aJS
        tXEsz3MCtPbojeYvDKOXm9eEllpsErzSdeBUs0c7kyJYnY00N9pwoWQDYgAED2+w
        xryVMzZh/nW6mUx3WxWTjXf02/17sZPpkKHcqtj3TObcA7yjpwNs+PriRBEkiyuU
        jbXdeTjr79xTLcElXIvJkEp5vu4qijBQ8CRdqc5BZgGWw0vV84xNtB5xKOpc
        -----END PRIVATE KEY-----
        Private-Key: (384 bit)
        priv:
        29:39:ed:f6:eb:eb:d5:a2:52:b5:71:2c:cf:73:02:
        b4:f6:e8:8d:e6:2f:0c:a3:97:9b:d7:84:96:5a:6c:
        12:bc:d2:75:e0:54:b3:47:3b:93:22:58:9d:8d:34:
        37:da:70
        pub:
        04:0f:6f:b0:c6:bc:95:33:36:61:fe:75:ba:99:4c:
        77:5b:15:93:8d:77:f4:db:fd:7b:b1:93:e9:90:a1:
        dc:aa:d8:f7:4c:e6:dc:03:bc:a3:a7:03:6c:f8:fa:
        e2:44:11:24:8b:2b:94:8d:b5:dd:79:38:eb:ef:dc:
        53:2d:c1:25:5c:8b:c9:90:4a:79:be:ee:2a:8a:30:
        50:f0:24:5d:a9:ce:41:66:01:96:c3:4b:d5:f3:8c:
        4d:b4:1e:71:28:ea:5c
        ASN1 OID: brainpoolP384t1


        It's important to note that this particular curve is not compatible with the majority of browsers or commonly used client software.



        So, here's an example of generating a NIST curve EC key, which is compatible with most browsers and commonly used client software.



        Create NIST EC Key



        openssl ecparam -out ec_key_nist.pem -name secp384r1 -genkey



        openssl pkey -in ec_key_nist.pem -text



        -----BEGIN PRIVATE KEY-----
        MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB1sa6wudssPDi6sfEg
        V7J4xTkn3WF4veaMbcw4GAcL8PUrciXjt5jg8J3wbyvB9ZGhZANiAARLBE/WuM1e
        DjYNETD+2oEoej6ZbhDvIRbxqxBBuvVna1hQQW76h3MsavEtBNbkAQZHQ9KZCScg
        td5N/OhqQ+K7qXSr7F0KHTp49D9grufK+R6/uNoXtT8yiHO5yAI4lok=
        -----END PRIVATE KEY-----
        Private-Key: (384 bit)
        priv:
        75:b1:ae:b0:b9:db:2c:3c:38:ba:b1:f1:20:57:b2:
        78:c5:39:27:dd:61:78:bd:e6:8c:6d:cc:38:18:07:
        0b:f0:f5:2b:72:25:e3:b7:98:e0:f0:9d:f0:6f:2b:
        c1:f5:91
        pub:
        04:4b:04:4f:d6:b8:cd:5e:0e:36:0d:11:30:fe:da:
        81:28:7a:3e:99:6e:10:ef:21:16:f1:ab:10:41:ba:
        f5:67:6b:58:50:41:6e:fa:87:73:2c:6a:f1:2d:04:
        d6:e4:01:06:47:43:d2:99:09:27:20:b5:de:4d:fc:
        e8:6a:43:e2:bb:a9:74:ab:ec:5d:0a:1d:3a:78:f4:
        3f:60:ae:e7:ca:f9:1e:bf:b8:da:17:b5:3f:32:88:
        73:b9:c8:02:38:96:89
        ASN1 OID: secp384r1
        NIST CURVE: P-384


        Create the self-signed server certificate



        Once you've got a key generated, the self-signed server cert is a one liner:



        openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem



        After testing with both EC keys, it is confirmed that brainpoolP384t1 is a non-functioning curve for any of my browsers. However, the NIST EC key and cert worked as expected with all my client software.



        Tested Software:




        1. Brave Browser (0.25.2)

        2. Firefox (60.3.0)

        3. Sylpheed (3.7.0)

        4. Lynx (2.8.9rel.1)






        share|improve this answer














        From the error messages it looks like your private key is in a pkcs#8 file. From RFC5958 the private key is likely in DER format:



          Interoperability considerations:

        The PKCS #8 object inside this media type MUST be DER-encoded
        PrivateKeyInfo.


        So, you probably need to convert your private key to PEM format:



        openssl pkey -inform DER -in key.p8 -outform PEM -out key.pem





        It's unclear from your question how you've created your keys and your certs. Here's a simple example that functions on my Debian Buster system.



        Create an Elliptic Curve Private Key



        openssl ecparam -out ec_key.pem -name brainpoolP384t1 -genkey



        openssl pkey -in ec_key.pem -text



        -----BEGIN PRIVATE KEY-----
        MIG6AgEAMBQGByqGSM49AgEGCSskAwMCCAEBDASBnjCBmwIBAQQwKTnt9uvr1aJS
        tXEsz3MCtPbojeYvDKOXm9eEllpsErzSdeBUs0c7kyJYnY00N9pwoWQDYgAED2+w
        xryVMzZh/nW6mUx3WxWTjXf02/17sZPpkKHcqtj3TObcA7yjpwNs+PriRBEkiyuU
        jbXdeTjr79xTLcElXIvJkEp5vu4qijBQ8CRdqc5BZgGWw0vV84xNtB5xKOpc
        -----END PRIVATE KEY-----
        Private-Key: (384 bit)
        priv:
        29:39:ed:f6:eb:eb:d5:a2:52:b5:71:2c:cf:73:02:
        b4:f6:e8:8d:e6:2f:0c:a3:97:9b:d7:84:96:5a:6c:
        12:bc:d2:75:e0:54:b3:47:3b:93:22:58:9d:8d:34:
        37:da:70
        pub:
        04:0f:6f:b0:c6:bc:95:33:36:61:fe:75:ba:99:4c:
        77:5b:15:93:8d:77:f4:db:fd:7b:b1:93:e9:90:a1:
        dc:aa:d8:f7:4c:e6:dc:03:bc:a3:a7:03:6c:f8:fa:
        e2:44:11:24:8b:2b:94:8d:b5:dd:79:38:eb:ef:dc:
        53:2d:c1:25:5c:8b:c9:90:4a:79:be:ee:2a:8a:30:
        50:f0:24:5d:a9:ce:41:66:01:96:c3:4b:d5:f3:8c:
        4d:b4:1e:71:28:ea:5c
        ASN1 OID: brainpoolP384t1


        It's important to note that this particular curve is not compatible with the majority of browsers or commonly used client software.



        So, here's an example of generating a NIST curve EC key, which is compatible with most browsers and commonly used client software.



        Create NIST EC Key



        openssl ecparam -out ec_key_nist.pem -name secp384r1 -genkey



        openssl pkey -in ec_key_nist.pem -text



        -----BEGIN PRIVATE KEY-----
        MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDB1sa6wudssPDi6sfEg
        V7J4xTkn3WF4veaMbcw4GAcL8PUrciXjt5jg8J3wbyvB9ZGhZANiAARLBE/WuM1e
        DjYNETD+2oEoej6ZbhDvIRbxqxBBuvVna1hQQW76h3MsavEtBNbkAQZHQ9KZCScg
        td5N/OhqQ+K7qXSr7F0KHTp49D9grufK+R6/uNoXtT8yiHO5yAI4lok=
        -----END PRIVATE KEY-----
        Private-Key: (384 bit)
        priv:
        75:b1:ae:b0:b9:db:2c:3c:38:ba:b1:f1:20:57:b2:
        78:c5:39:27:dd:61:78:bd:e6:8c:6d:cc:38:18:07:
        0b:f0:f5:2b:72:25:e3:b7:98:e0:f0:9d:f0:6f:2b:
        c1:f5:91
        pub:
        04:4b:04:4f:d6:b8:cd:5e:0e:36:0d:11:30:fe:da:
        81:28:7a:3e:99:6e:10:ef:21:16:f1:ab:10:41:ba:
        f5:67:6b:58:50:41:6e:fa:87:73:2c:6a:f1:2d:04:
        d6:e4:01:06:47:43:d2:99:09:27:20:b5:de:4d:fc:
        e8:6a:43:e2:bb:a9:74:ab:ec:5d:0a:1d:3a:78:f4:
        3f:60:ae:e7:ca:f9:1e:bf:b8:da:17:b5:3f:32:88:
        73:b9:c8:02:38:96:89
        ASN1 OID: secp384r1
        NIST CURVE: P-384


        Create the self-signed server certificate



        Once you've got a key generated, the self-signed server cert is a one liner:



        openssl req -new -key ec_key.pem -x509 -nodes -days 365 -out cert.pem



        After testing with both EC keys, it is confirmed that brainpoolP384t1 is a non-functioning curve for any of my browsers. However, the NIST EC key and cert worked as expected with all my client software.



        Tested Software:




        1. Brave Browser (0.25.2)

        2. Firefox (60.3.0)

        3. Sylpheed (3.7.0)

        4. Lynx (2.8.9rel.1)







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited 17 hours ago

























        answered yesterday









        RubberStamp

        1,7801518




        1,7801518






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f489306%2fhow-to-run-apache-httpd-2-4-6-with-a-self-signed-certificate-signed-with-an-elli%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Accessing regular linux commands in Huawei's Dopra Linux

            Can't connect RFCOMM socket: Host is down

            Kernel panic - not syncing: Fatal Exception in Interrupt